As this blog is mostly focused on Capture the Flag tutorials, I decided to do a write up the best command line tools in Kali Linux for CTF Challenges. Due to this I not cover the normal stuff, like Metasploit or Aircrack-ng.
With the exception of Firefox you will not find any GUI tools on this list.
What is CTF?
CTF stands for Capture The Flag”. It’s a CyberSecurity Competition that challenges contestants to solve a variety of tasks ranging from using Open Source Intelligence for tracking down hidden information across the internet, to programming exercises, cracking encryption and to finding your way into a server to capture or find a Hidden Flag.
There is nearly always a Hidden Flag, in the code, on the internet or buried deep inside a unsecured Database or Web Application server. For IT security experts and IT experts in general it is a deeply rewarding and educational experience.
However the knowledge required to become proficient in all the topics and be successful in the challenges can be very daunting and the Knowledge difficult to acquire with out years of experience. So my blog should help with some of the knowledge gathering.
Best Kali tools for Network Enumeration
The below list is dynamic and will update when more tools should be added.
What hasn’t been said about nmap, it comes with every flavour of Linux and should be learned by all.
A live tool that is always running to see what new systems join the network.
When engaged in Capture the flag challenges, being stealthy is not really that important. Rustscan can be super noisy and super fast.
Everyone knows about wireshark, but tshark is the command line version and has all the power of wireshark, with none of the GUI.
Best Kali tools for Exploitation.
Once systems are services are scanned down, its time to exploit team.
Best tool to find those users and shares on Windows or Samba.
A great tool for brute forcing a smb share. I used and example of it in a CTF room called ephemeral2
Finding sqli vulnerabilities couldn’t be easier than with sqlmap.
When you absolutely have to unlock every network application in the room. See my post on it.
wfuzz is great to fuzz for those LFI php pages. See my LFI post
Find all the directories on a web server.
Brute force or scan down vulnerabilities in wordpress.
Just search for the software that was scanned down and searchsploit will more than likely have a script for you.
The only Gui tool on the list and comes with all Linux OS versions. BurpSuite and ZAP are great tools, but if you learn the inspect tool that comes with firefox, then you can do most stuff without them.
A lot of the “Best Command tools in Kali Linux” type of posts then to focus heavily on GUI tools. Your skills are better learned and honed using the Command line.